Virtual Cybersecurity Summit
The Chicago Virtual Cybersecurity Summit enables like-minded executives, innovative solutions providers, experts and luminaries in the greater Chicagoland Area to connect. With a shared interest in security innovation in the region, summit attendees have a lot to talk about in the live, immersive online forum.
Tue. Apr 20 — Wed. Apr 21
Times for this Event are in Central Time (CDT/CST)
The Summit will be open from 8AM to 6PM.
Breakfast Briefing: 4 Simple Steps for an Effective Threat Intelligence Program 8:45 am
Many security executives and threat intelligence practitioners share a similar feeling that they invest a lot in threat intelligence, yet get limited results.
In this interactive session, we will review a simple 4-step framework for building an effective threat intelligence program. This innovative framework has been developed around the most up-to-date threat intelligence technologies and trends.
This will be delivered through a real-life example of building a threat intelligence program for reducing risk from leaked credentials. Leaked credentials are involved in 37% of all breaches, and an intelligence program is one of the most important tools to mitigate this threat.
- Welcome / Introductions
Broken Authentication: Fixing one of the most critical web application security risks 9:05 am
Authentication is a cornerstone capability of any application. Ensuring a user is who they say they are is crucial to maintaining data privacy and preventing fraud and data breaches. Consequently, improperly implemented authentication, known as broken authentication, is a potentially devastating application vulnerability. In fact, the Open Web Application Security Project (OWASP) lists broken authentication as the second most critical security risk to web applications.
This session will provide:
- An overview of broken authentication;
- Why it’s so dangerous;
- The types of threats that can take advantage of this vulnerability;
- How you can prevent this most critical application security risk.
How to Confront Supply Chain Attacks and Ransomware 9:30 am
Cybersecurity professionals operate in a dynamic environment driven by two accelerating forces: threat developments and the rapid adoption of new technologies and digital business initiatives.
And yet most companies still rely on discrete snapshots of their security performance.
CISOs and security teams must be ready to confront new threat vectors, including human-powered ransomware and supply chain attacks, with an agile, continuous approach to security validation and constant improvement.
Join this session to discover how to:
- Pinpoint and address security deficiencies related to supply chain attacks and ransomware.
- Validate EDR detection of lateral movement, command and control and privilege escalation techniques.
- Increase the operational efficiency of security teams with automated security testing.
Small businesses deserve big protection 9:50 am
Small businesses are facing many of the same cybersecurity challenges as larger businesses. 66% of small businesses experienced a cyberattack in 2019, and 63% experienced a data breach. But securing your business doesn’t have to be complicated. Cybersecurity tools should be easy for a team of any size to deploy, use, and manage — letting you focus on more important things (like running your business!) Join Kate MacLean from Cisco to learn more about small business cybersecurity and how cloud-delivered security provides powerful protection against today’s biggest cyberthreats.
Out of the Shadows: Real-time Asset Visibility and Security for Every Connected Device 10:30 am
For many years now, enterprises have seen an explosive rise in connected devices, from traditional IT devices like servers, workstations and PCs to new and more vulnerable IoT, IoMT, and OT like building systems, medical equipment and manufacturing machines. This myriad of devices from different manufacturers, operating systems and protocols expands the attack surface. IoT, IoMT, and OT bring their own challenges as they are typically not designed with security in mind. The bad news? Security teams are still responsible for all of them. It’s time for a modern approach. In this session, Ordr’s Chief Strategy Officer Danelle Au outlines why connected device security should be on your security initiatives in 2021, and presents a framework that starts with real-time asset inventory and ends with scalable security. Learn best practices and implementation considerations for device discovery, profiling and segmentation as you start your connected device security journey.
Keynote: Reduce the Risk of Ransomware 10:50 am
The Department of Homeland Security (DHS) Cyber Infrastructure Security Agency (CISA) is our nation’s risk advisor. Working in conjunction with the US Secret Service and the FBI, CISA is the agency with the most practical experience that offers the most hands-on support for firms whose private networks are an important part of the country’s critical infrastructure.
In this exclusive briefing for the Chicago Virtual Cybersecurity Summit, Ms. Nicewick will review the components of CISA’s new Reduce the Risk of Ransomware Campaign. From certifications to communications, and valuable reference resources, her talk will give cybersecurity leaders in the region an outline of best practices around preparation, prevention, and putting plans into action.
Ms. Nicewick will also provide important lessons learned from case studies relevant to the region, from useful landmarks like WannaCry to other recent ransomware evolutions. Additionally, Ms. Nicewick’s keynote will explore other hot-button ransomware related contingencies, including everything from “double extortion” attacks to the burgeoning business of ransomware negotiators to executive-level decision-making criteria to consider if your firm becomes a victim of a ransomware attack.
Panel Participants:
- Alex Joves, Regional Director, Region V (IL, IN, MI, MN, OH, WI)
Expert Panel Discussion: Ransomware 11:45 am
Rescue from Ransomware - what to know before you get that nasty email
Ransomware has been a hot topic, as bad actors show there is no honor among thieves – as they target hospitals, health care organizations and other firms in the throes of COVID response. Moreover, sensitive data is put at risk, huge sums of money are in the balance, and organizations must struggle between expediency and the bottom line. Whether you choose to pay the ransom or not, industry experts tell you to treat your entire network as contaminated. Rebuilding images, devices, re-formatting storage, and all the rest is part of this process. In this panel, our experts will talk about what to do first – and what to avoid, and where the traps may lie.
Panel Participants:
- Gil Azrielant, Co-Founder and CTO at Axis Security
- JT Clay, Technical Engineer
- Paul Prudhomme, Head of Threat Intelligence Advisory
- Lunch Break
The Dark Web: Exposing the Business of Cybercrime 12:40 pm
The Dark Web is growing at an exponential rate, with hackers doubling down on cybercrime-as-a-service—allowing non-traditional and unskilled hackers to wreak havoc in ways previously unheard of. Criminals don’t have to be skilled to get your data; they just need to know where and who to go to for help.
This session aims to expose the inner workings and business of the cyber underground, focusing on the following:
- Cryptocurrency – The impact digital currency has had on the rate of growth of cybercrime
- Cybercrime-as-a-service – The expansion of services offered by skilled hackers and for low cost
- Money laundering and money mules – Ways criminals are skirting around laws and regulations to get paid
- Mitigating risk – How businesses can protect themselves from all levels of cybercriminals with an emphasis on the importance of investing in proactive threat-hunting
Extortionware: Your Privacy Problems Made Public 1:00 pm
Over the last decade, ransomware has increasingly become the most popular option for hackers to monetize the access they’ve obtained to corporate computer systems around the world. Over the last few years, we’ve observed ransomware software and techniques adapt and evolve to include the theft and exposure of private information, creating extortionware as a new breed of malicious software. This talk will provide an overview of these techniques and discuss the potential privacy and security impacts you may face as a result.
Moving Beyond Password to Delight & Secure Users 1:20 pm
Passwords have been a constant throughout the internet era. As we’ve moved from desktops to smartphones, from on-premises infrastructure to cloud services, we’ve all relied on passwords to access and safeguard our data and resources across the applications we use on a daily basis.
But in this new digital age where data breaches are rampant, passwords are no longer good enough. Not only are they insecure, they are expensive and offer a poor user experience. Fortunately, there’s a better way to protect your applications and stop account takeover incidents.
In this session, we’ll discuss the benefits of passwordless authentication and explain how eliminating the password can help improve user experience, admin visibility and control, and scalability. We’ll also walk through key considerations and first steps as you embark on your passwordless journey.
Top 4 Reasons Why Privileged Access Management Implementations Fail 1:55 pm
It is shocking that, year over year, stealing credentials is still the top tactic used by attackers to breach organizations. Why is this still happening? Hint: It isn’t only because of weak passwords. Organizations have invested heavily into privileged access management technologies, but these solutions have struggled to address the problem for five key reasons. In this discussion, we will address the gaps in current access management approaches but, more importantly, show you how to quickly close the gaps and significantly reduce security risks without disrupting your current investments or systems.
The Rise of Secure Access Service Edge (SASE) 2:15 pm
Secure access service edge (SASE) offerings are cloud-delivered platforms that give consistent security across different applications, devices, web destinations, on-premises resources, and infrastructure. To achieve this, these platforms deliver a variety of functionality from complementary security solutions. As organizations operate in our frenetic business world, SASE becomes imperative. In this session, you will learn:
- Why organizations need SASE
- The key components of SASE offerings
- How SASE architectures impact performance
Guest Keynote: SolarWinds & Regulation Changes: Is CMMC the answer? 2:50 pm
NIST 800-171 compliance was required in 2017, but workarounds were created. The 2020 SolarWinds Orion supply chain attack highlighted the weaknesses those workarounds opened. Now, the US Department of Defense is implementing the Cybersecurity Maturity Model Certification (CMMC) to normalize and standardize cybersecurity preparedness across the federal government’s defense industrial base (DIB).
This demands the Government know the level of compliance that exists at each company. The results are not good.
Though not due until 2025, CMMC has no workarounds. You either “are” or “aren’t.” If you are not CMMC then you cannot do DoD work. CMMC compliance is to begin to appear in DoD contracts starting in Fall 2021, Winter 2022. If a company is not CMMC ready, it will not be considered for the work.
From his long CISO and government agency experience, as well as his recent consulting engagements, EJ Hilbert has developed a body of knowledge on this subject, which he will share with the Data Connectors Cybersecurity Community for the first time at the Chicago Virtual Cybersecurity Summit on April 20th.
Expert Panel Discussion: Regulations, SolarWinds & CMMC 3:25 pm
NIST and the MITRE ATT&CK framework give us ways to talk about exposure, classify risks and talk to our teams about how to address them. CMMC is a solid requirement that can serve as a bar for an understanding of cybersecurity preparedness. With all that said, how ready are most organizations to comply with the new requirements? Do the regulatory changes go far enough? What else did we learn from the SolarWinds hack that cannot be addressed with regulation? What changes have organizations put in place to address supply chain and other third-party risk in their environment?
Our expert panel will review these points, as well as address live questions from our Summit audience during this interactive panel discussion.
Panel Participants:
- Deborah Watson, Resident CISO
- Andrew Hoover, Resilience Engineering Team Lead of CERT Division at Carnegie Mellon University
- Devin Jones, Chief Product Officer
Q&A with Tony Cole 3:50 pm
Featured Keynote: Protecting Data in a Post-Pandemic World 4:00 pm
As more of our lives have moved online, our data has followed, providing companies with new revenue streams and insights to better meet their customers’ needs, but also carrying risks. If data is not responsibly handled and protected, the reputational and business ramifications can be catastrophic.
The good news: while digital transformation may have initially outpaced cybersecurity and data governance practices in 2020, companies are catching up. According to PwC’s Digital Trust Insights Survey, 55% of executives are planning to increase their cybersecurity budgets, and 51% are planning to add full-time cyber staff in 2021. Moving forward, companies will need to build resilience around their cloud infrastructure, rethink their governance and compliance strategies for a cloud-centric world, and develop their security team’s skillset to prepare for threats coming both today and tomorrow. With a proper data governance framework, companies can maximize the benefits of new sources of data while minimizing risks and building trust with stakeholders.
- Day One Closing Session
- Day Two
Breakfast Briefing: Security & Compliance from Endpoint to Cloud 9:00 am
According to Enterprise Technology Research (ETR), 72% of the total global workforce is currently working remotely and the number of employees permanently working remotely will double in 2021 to 34.4%. With these figures, companies now more than ever must ensure their assets, especially their endpoints, are protected from threats.
Armor now extends security protection and visibility beyond your public, private and hybrid cloud environments to your endpoint devices, all in one solution. Armor Anywhere with EDR detects and blocks behavioral anomalies, fileless and signatureless malware, ransomware, and more across your customers’ distributed endpoints in real time.
- Welcome / Introductions
Tackling User Behavior Head-On 9:25 am
Today’s popular attacks like phishing, credential compromise, and business email compromise have one thing in common: they need people to work. InfoSec professionals add technology on top of technology, but still the problems persist. How do you take people from the weakest link to active defenders of your organization? Based on our experiences with tens of millions of users, we’ll share with you best practices, strategies, and benchmarks to be successful.
Join our presentation to learn about:
- Best practices for running an effective security awareness program
- Strategies for driving behavior change and improving security culture
- Benchmarks for making real impacts to your risk posture
The Last Line of Defense: Data Protection 9:45 am
With the growth of ransomware and cybercrime, data protection is experiencing a resurgence. Organizations are quickly having to modernize their data protection architecture and strategies to meet not only these demands but also the demands that digital transformation is placing upon them. Current approaches are designed around backup, whereas a new approach centered around restore, and on getting organizations back up and running as quickly as possible, is critical. Join this session to learn about the latest innovations in the data protection space and how they can be implemented to provide a restore-centric approach and a true last line of defense.
Microsoft Teams Vulnerabilities 10:20 am
Microsoft Teams has quickly become the go-to application for remote work, accelerating dramatically in usage over the last year. Millions of users turned to Microsoft Teams to help keep businesses going in 2020—and hackers have noticed. As Teams is still relatively new, much is unknown about how it operates and how hackers will approach it.
While the increased usage has been well-documented, what’s not been documented is whether the app is vulnerable to hacking. We will talk about discoveries that have already been made, potential risks that we see in the future, and how to best secure this relatively new communication vector.
This session will walk attendees through:
- The many inherent vulnerabilities in the platform
- The popular attack types
- How hackers act differently within Teams than they do on email
Top tips for minimizing email security threats 10:45 am
Email continues to be the most effective way to gain a foothold in a business network and is often where successful compromises or breaches start. It’s the primary vector for malware infection because it effortlessly puts malicious payloads in front of the user, putting them one click away from exploitation. In this session, email security expert, Rob Marchi, shares how to overcome these challenges and how you can proactively address these ongoing issues with top tips for minimizing email security threats.
Expert Panel Discussion: Cybersecurity in IoT 11:05 am
The Internet of Things (IoT) poses entirely new challenges. With 35 billion IoT devices expected to be in operation by next year – weak passwords, insecure network services and a lack of secure update mechanisms concern every organization.
Panel Participants:
- Jeff Horne, Director of Enterprise Security at Darktrace
- John Bloomer, Office of the CTO
- Lunch Break
CISO Panel 12:05 pm
Panel Participants:
- Fred Kwong, Ph.D., CISO & AVP Security, Identity and Operations - Delta Dental Plans Association
- Matthew Zielinski, Director, Technology Infrastructure & CISO at Vivid Seats LLC
- Ron Zochalski, CTO/CISO at Lake County
- Jim Serr, CIO - Joliet Junior College
- Stephenie Southard, CISO - BCU
Faking It: Stopping Impersonation Attacks with Cyber AI 1:00 pm
Today, 94% of cyber-threats still originate in the inbox. ‘Impersonation attacks’ are on the rise, as artificial intelligence is increasingly being used to automatically generate spear-phishing emails, or ‘digital fakes’, that expertly mimic the writing style of trusted contacts and colleagues.
Humans can no longer distinguish real from fake on their own – businesses are increasingly turning to AI to distinguish friend from foe and fight back with autonomous response.
In an era when thousands of documents can be encrypted in minutes, ‘immune system’ technology takes action in seconds – stopping cyber-threats before damage is done.
Find out how in this session.
Why Office 365 Backup is ESSENTIAL 1:20 pm
The role IT professionals play in a landscape where data loss, security breaches, and invasion of privacy are the new normal has never been more critical. With that spotlight comes great pressure to deliver on the organization’s expectations that data is safe, privacy is not compromised, productivity is unencumbered, and brand reputation is intact.
Join this session to review the data security challenges organizations face in today’s computing landscape, by uncovering the gaps in the out-of-the-box security features found in Office 365, that require action to achieve an effective backup and recovery strategy.
Panel Participants:
- Rick Vanover, Senior Director, Product Strategy at Veeam Software
- Karinne Bessette, Global Technologist, Product Strategy at Veeam Software
Earn More Trust Through Vulnerability Management Best Practices 1:55 pm
COVID has brought on a set of security challenges that has security teams pivoting and spinning up new applications to meet the unique demands of quarantine and remote work. When external and even internal environments demand that you move quickly, how do you measure and communicate changes? And how do you build trust with customers, staff and the board, ensuring data and other investments are protected? Join Synack’s VP of Operations, Nick Harrahill, for a discussion on how to meet these unique demands.
- Best practices security leaders can pursue to harden vulnerability programs
- How leveraging a continuous crowdsourced testing model can help measure and communicate security posture
- How to maximize trust with customers and throughout organizations
InfoSec Stories 2:15 pm
This presentation will focus on real cases in which we exploited vulnerabilities and gained further access into clients’ infrastructure using social engineering. The vulnerabilities related to software and processes that require user interaction. The speaker will give a brief technical description of each vulnerability and suggest practices to avoid them. Furthermore, in the second part, a list of Secure Software Development Life Cycle (S-SDLC) facts and practices related to:
- Bug classes
- The development team
- Issue tracking
will be presented, giving our audience the opportunity to adapt, benefit from, and correct “by design” the aforementioned vulnerabilities.
Expert Panel Discussion: DevSecOps in the Cloud 2:35 pm
DevOps Security and the Cloud
DevOps enables you to release features and bug fixes faster than ever before. However, traditional security activities can’t seem to keep up with this fast-paced tempo. How can you make sure security doesn’t get left behind? Ignoring security bugs won’t make them go away. Slowing down the DevOps team isn’t an option. How can we make DevOps, and DevSecOps work well in the fast-paced cloud environment we live in?
I think the challenges with devops fall into a couple buckets—
Panel Participants:
- Maury Cupitt, VP of Engineering at Sonatype
- Becki True, Senior Security Engineer at Auth0
- Carlo Beronio, Director Systems Engineering West/Central at Attivo Networks
- Gavin Matthews, Technical Product Manager at Red Canary
Securing Legacy Hardware Architecture Apps in Modern Cloud Infrastructure 3:20 pm
Mission-critical applications running on legacy hardware, such as SPARC, Alpha, VAX, or PA-RISC, are posing a significant, ongoing threat to IT security in addition to risk of unplanned downtime, increasing costs, and diminishing support. Legacy hardware also complicates digital transformation brought about by embracing new technologies. In this presentation, we’ll discuss some effective strategies for migrating legacy apps away from aging hardware to a private or public cloud. We’ll also discuss bringing improved availability and enhanced security leveraging zero trust architecture to these previously brittle legacy apps.
Keynote: Mitigating cyber security threats using Artificial Intelligence 4:00 pm
Presented by Navy Personnel Command
In 2020, corporate spend on AI exceeded $50 Billion and US federal alone was over $6B more. Over 20% of that or $10B+ was aimed at cyber. Those numbers and that percentage will continue to grow. We know that an innovative and a secure future requires investment in advanced technology. But is this seeding bearing fruit? One major study cites that only 10% of companies have seen a significant return on their AI investment. Yet burying our heads in the sand and waiting for this to pass seems like a recipe for obsolescence. Even ostriches know that. Therefore, something must change. To advance our organizations, we must improve our AI and Cyber AI yield. This AI summer has now received enough investment and produced enough hope, hype and lessons learned to shed light on how to move from gambles into investments. We will look at what actions can be taken within the pre-procurement, procurement, and implementation processes for ways to increase the likelihood of improved outcomes or, as is sometimes said within the military, increase the amount of steel on target.
Panel Participants:
- Justin Fanelli, Chief Architect of Defense Medical Intelligence Data and the Technical Director at the Naval Information Warfare Center
- Summit Final closing Session